Cook County Elections, under the Cook County Clerk, and the Chicago Board of Election Commissioners seeks a strategic and proactive Information Security expert to provide leadership in the protection and confidentiality of County’s voting information and voting technology assets. If this is you, we welcome you to apply to be the first Elections Information Security Officer in one of the Nation’s largest Election Authorities. The Elections Division security tagline is “Defend, Detect, Recover”. We are looking for someone to own that mantle and ensure that is extended throughout the organization.
With Election security an increasing concern, the security of the Clerk’s elections data assets and infrastructure has become one of the County Clerk’s strategic imperatives. The new Election Information Security Officer (EISO) will be on the payroll of Cook County and Managerially inside of the Clerk’s office. However, this position will report to both the Director of Elections and the Chief Technology Officer of the Cook County Clerk’s office, and to the Executive Director of the Chicago Board of Elections. The position must also coordinate closely with the County’s and City’s Dept. of Homeland Security Information Security Offices (ISO). The EISO will be responsible for safeguarding confidential information of voters and securing against internal and external threats that may disrupt Elections.
The EISO will be responsible for the strategic planning, development and administration of the Clerk’s security program, which must be designed and implemented to provide maximum protection to data and hardware assets and to create resiliency after any successful attack. The EISO will have primary responsibility for creating and disseminating policy as well as managing compliance to best available security protocols.
Specific Goals Include:
- Security Training: Develop training that will bring attention and education to security topics throughout the Elections Division.
- Create, disseminate, and develop enforcement mechanisms for Elections security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements such as NIST Framework, MS-ISAC, and CIS
- Design and implement security tools at all levels (network, server, workstation, voting equipment, etc.) to mitigate known security threats, to alert when an incident occurs, and to respond to an incident when one occurs.
- Stay current with technology trends by researching new methods that will effectively protect networks, databases, and applications and keep abreast of latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to elections
- Work with end users to determine needs of individual departments, implement policies or procedures, and track compliance throughout the organization
- Determine security violations and inefficiencies by conducting periodic audits and by identifying abnormalities in network traffic, database activity, or application activity
- Recommend methods for vulnerability detection and remediation, and oversee vulnerability testing in coordination with County ISO
- In conjunction with senior management, coordinate response to security incidents
- BA or BS in Computer Science, Management Information Systems, or related field
- Minimum four years of progressive experience in computing and information security, including experience in developing or administering an information security program
- Working knowledge of and experience in the policy and regulatory environment of information security, especially in elections
- Familiarity with System Administration – Windows Active Directory, Patch Management, Endpoint Protection (McAfee or similar), Systems Monitoring, Mobile Device Management, Process Improvement, firewall administration, network protocols, routers, hubs and switches, VPN, etc.
- Experience in developing and implementing security policies, penetration testing, intrusion detection & prevention, vulnerability management
- Strong interpersonal, communication, project management, and leadership skills, including the ability to effectively communicate to both technical and non-technical audiences
- Ability to develop documentation such as test plans, test results, implementation procedures and operational support processes
- Working knowledge of Amazon Web Services (AWS) administration
- Experience with Office 365 (O365), including but not limited to Outlook Online, SharePoint, and OneDrive
- Strong understanding of Advanced Persistent Threat (APT) detection and protection
- Excellent analytical and problem solving skills along with a strong understanding of common network and system exploits and vulnerabilities
- Professional Certifications such as CISSP
- Experience with Mobile Device Management (MDM)
- Experience with SCCM
Military Cyber Defense Experience a plus
Negotiable based on experience
December 27, 2017 – UNTIL FURTHER NOTICE
APPLICATION FOR EMPLOYMENT MUST BE MADE IN PERSON AT THE COOK COUNTY CLERK’S OFFICE OF HUMAN RESOURCES, 69 WEST WASHINGTON, 5TH FLOOR, CHICAGO, ILLINOIS 60602
EMAIL RESUME TO: firstname.lastname@example.org (JOB CODE: ELE122717)
AN EQUAL OPPORTUNITY EMPLOYER